This guide is designed to help you understand the Tribe Open Banking workflow by testing out our API.
The user will be able to test the Open Banking solution by using our Wallet integration. The Wallet is designed as an example use case for BANKS. It shows how the integration can work, however, the BANK is able to create their own workflow.
Abbreviation | Description |
---|---|
TOB | Tribe Open Banking. |
BANK | Account Servicing Payment Service Provider (ASPSP) and Payment Initiation Service Provider (PISP). |
TPP | Third-Party Provider (TPP) is a provider of an application that the PSU uses and is not offered by the BANK. TPP is the client/consumer of the API and acts on behalf of the PSU. |
SCA | The process of using a strong (2-factor) identification method to identify the customer. |
Consent | Consent is the agreement given by the customer to the TPP to retrieve the PSU's data from the BANK. Consent is stored and verified by the BANK, but approved by the PSU. Consent may have different characteristics, like recurrence, expiration, etc. |
PSU | Payment Service User. |
BIC | BANK Identifier Code. |
In order to start testing and administrating your Tribe Open Banking account, you first need to sign in to the application:
Do you have an account already?
If "no":
Click the "Don't have account? Register" link under the "Sign in" button.
The system navigates you to the register screen.
Name | What it means |
---|---|
Enter your email. Next time it will serve as the login username. | |
Password | Enter your password. |
Agree on terms | When you have read through the terms, please check the box. |
Click the "Register" button:
Enter your credentials:
Name | What it means |
---|---|
Username | Your email which was filled in the registration form is your username. |
Password | Enter your password which was created during the registration. |
Click the "Sign In" button.
Were there any errors?
If "yes":
If "no":
Go to the "Clients" list.
Click on the button to open the "Create client" screen.
Name | Type | What it means |
---|---|---|
API ID | Read-only | The API ID credential will be generated automatically by the system once you save the form. |
Active | Checkbox | By default, the checkbox is checked. You can uncheck it if you are creating an inactive client. |
Title | Text field | Client title. Max length - 128 characters. |
Callback URL | Text field | Default system provided value is for testing only, and will use system web interface to serve as an API client. Actual TPP client application callback URL should be used in production. |
* Fields with the asterisk on the right-hand side of the label are required
Click the "Create" button to save the form and create a new client record.
Were there any errors in the form?
If "yes":
If "no":
The client in the Tribe Open Banking system is the TPP. If a TPP wants to use the TOB they need to create a client.
The TPP can get their API ID from the client form. Without it, the client will not be authenticated in the TOB and unable to send requests.
Clients list can be accessed from the Left-side menu > Clients. In the "Clients" list you can:
Filter the list.
Navigate through the pages of the list.
Create a new client.
Review an already created client.
Go to the "Clients" list.
Click the button on the right-hand side of the selected record.
The system opens the "View Client" screen. All the fields in the form are read-only.
Tribe Open Banking API calls can be tested directly from the Tribe Open Banking GUI.
The Oauth2 authorization code grant type flow can be tested in two different ways.
Log into the TOB - the system will place you in the TOB Dashboard.
Use the left side menu to navigate to the "Authorize" screen.
Click Authorization > Authorize.
Name | Type | What it means |
---|---|---|
Client * | Single-select drop-down | Select a (TPP) client. |
Bank * | Single-select drop-down | Select a BANK. |
Scopes * | Multi-select list | Select the scopes that need to be approved. |
* Fields with the asterisk on the right-hand side of the label are required.
The system navigates you to the second "Authorize screen" with read-only fields. In this screen, you will see the HTTP request that will be executed from the TPP to TOB.
If you want to execute the request, click the "Make request" button.
The system will show the HTTP response to the executed request.
Note: You can not reselect consents. All listed consents have to be signed.
Enter your credentials and click "Log In".
Once the system navigates you to the "Account selection" screen select the accounts that you want to grant access to and click "Confirm".
The Wallet navigates you to the "Data confirmation" screen. Here you can check selected accounts, and if everything is correct, proceed by entering Key code and click "Confirm".
The Wallet will navigate you to the Success screen, after which it redirects to client callback URL with "authorization_code" which can be exchanged for access token.
The TOB will open the callback URL, in this case - Authorization > Token screen filled with authorization code and state from HTTP redirect.
Click the "Get Payload" button and the TOB will show the request which will be executed.
Authorization flow can also be checked from a different location - API specs > Authorization. Here, you can also find all the specifications for the API and try to initiate each call separately.
Get redirect URL (POST/tpp/authorize selection)
Receive authorization or refresh tokens (POST/tpp/token selection)
Get all possible scopes that can be provided by ASPSP (GET/tpp/scope?bic={bic} selection)
Get the list of possible BANKS that can be accessed through TOB (GET/tpp/banks?page={page}&limit={limit} selection)
Select a server to which you need to authorize.
Click the "Authorize" button to open the "Available authorizations" screen.
If you want to change the client ID which is authorized already click the "Logout" button so the system will enable the field.
Select the type of the message which should be tested from the list below and click on it to expand.
Once you will click the "Try it out" button the system enables parameter fields for editing. Review the parameters and update if necessary. Additionally, enter the "Request body" information in JSON format if requested. For example:
Click the "Execute".
You will be able to see the response below.
To test the "Get data" API calls, there are two options:
API Specs > Account can be used for getting account information (GET/tpp/accounts selection), specific account information (GET/tpp/account?iban {iban} selection), specific account balance information (GET/tpp/account_balance?iban={iban}).
API specs > Payments can be used for getting account payments information (GET/tpp/account_payments?iban{iban}&{record_count}¤t_page={current_page} selection), specific payment information (GET/tpp/account_payment?payment_id={payment_id} selection).
Go to the required location and select the API call which needs to be sent.
Are you already authorized?
If "no" click the "Authorize" button to open the "Available authorizations" modal window.
Fill in the access token information in the "tokenAuth(http, Bearer)" field and click the "Authorize" button and the system will lock the value.
Fill in the client API ID information in the "clientID (apiKey)" field and click the "Authorize" button and the system will lock the value.
If for any reason you need to change the value in any of these two fields click the "Logout" button near the selected field and the system will unlock the value in the field.
Select which message should be run and click on it.
The system expands required message.
Click the "Try it out" button to start the flow.
The system opens the parameters and the "Execute" button.
Update parameters if needed, enter IBAN (if needed) which information should be received and click the "Execute" button.
The system generates a curl command and shows the response.
You can find the example of the successful response under your actual response so you can compare them.
Do you want to proceed again?
If "No":
Click the "Clear" button.
the system cancels the flow and removes the generated information from the screen.
If "Yes":
Click the "Execute" button.
The system will send the request and display the response again.
Payment initiation message can be tried from API specs > Payments.
Go to API specs > Payments.
Select the "POST/tpp/payment_initiation" message and click on it.
The system will expand the message information.
Are you already authorized?
If "no" click the "Authorize" button to open the "Available authorizations" modal window.
Fill token information in the "tokenAuth(http, Bearer)" field and click the "Authorize" button and the system will lock the value.
Fill token information in the "clientID (apiKey)" field and click the "Authorize" button and the system will lock the value.
If for any reason you need to change the value in any of these two fields click the "Logout" button near the selected field and the system will unlock the value in the field.
Click the "Try it out" button to start the flow.
The system opens the parameters and the "Execute" button.
Update parameters if needed, enter request body information with the information about the payment which needs to be executed and click the "Execute" button.
The system generates a response.
You can find the example of the successful response under your actual response so you can compare them.
Do you want to proceed again?
If "No":
Click the "Clear" button.
the system cancels the flow and removes the generated information from the screen.
If "Yes":
Click the "Execute" button.
The system will send the request and display the response again.